nfsd4: exchange_id: check creds before killing confirmed client
authorJ. Bruce Fields <bfields@redhat.com>
Sun, 13 May 2012 01:08:41 +0000 (21:08 -0400)
committerJ. Bruce Fields <bfields@redhat.com>
Fri, 1 Jun 2012 00:29:51 +0000 (20:29 -0400)
We mustn't allow a client to destroy another client with established
state unless it has the right credential.

And some minor cleanup.

(Note: our comparison of credentials is actually pretty bogus currently;
that will need to be fixed in another patch.)

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
fs/nfsd/nfs4state.c

index aca84c942595b479049c83eb8386421c990b46ec..f372a6edef34b67d0ec284f94ce89d5bb7e32cb6 100644 (file)
@@ -1556,6 +1556,14 @@ nfsd4_exchange_id(struct svc_rqst *rqstp,
                        status = nfserr_clid_inuse; /* XXX: ? */
                        goto out;
                }
+               if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
+                       /* 18.35.4 case 9 */
+                       if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A)
+                               status = nfserr_perm;
+                       else /* case 3 */
+                               status = nfserr_clid_inuse;
+                       goto out;
+               }
                if (!same_verf(&verf, &conf->cl_verifier)) {
                        /* 18.35.4 case 8 */
                        if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) {
@@ -1566,15 +1574,6 @@ nfsd4_exchange_id(struct svc_rqst *rqstp,
                        expire_client(conf);
                        goto out_new;
                }
-               if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
-                       /* 18.35.4 case 9 */
-                       if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) {
-                               status = nfserr_perm;
-                               goto out;
-                       }
-                       expire_client(conf);
-                       goto out_new;
-               }
                /*
                 * Set bit when the owner id and verifier map to an already
                 * confirmed client id (18.35.3).